Job Description

BambooHR is seeking an experienced Application Security Engineer to identify and mitigate security risks, lead threat modeling, and ensure platform security, particularly in a multi-tenant SaaS environment. This role involves collaboration with various teams, expertise in authentication and authorization, and hands-on API security testing.

Responsibilities

• Lead threat modeling exercises
• Translate technical security risks into business terms
• Provide expertise on secure authentication and authorization
• Partner with product teams to embed security requirements
• Address SaaS-specific security challenges
• Conduct API security testing
• Define and document security requirements
• Provide security consultation
• Stay current with security threats and best practices

Requirements

• Bachelor's degree or equivalent experience
• Minimum 3 years of application security experience
• Deep understanding of web application and API security principles
• Ability to translate technical security risks into business terms
• Experience collaborating with product teams
• Strong knowledge of common web application vulnerabilities
• Excellent communication skills

Benefits

• No benefits